Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/oBs5uRMeod5IGDwcGWMeQxxpHKQ.roa
File: oBs5uRMeod5IGDwcGWMeQxxpHKQ.roa (raw, json)
Hash identifier: oESvTylAF9kiizqsDJq4vme3OP/Ned8yELwhynH0iXk=
Subject key identifier: A0:1B:39:B9:13:1E:A1:DE:48:18:3C:1C:19:63:1E:43:1C:69:1C:A4
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 42F30F32
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/oBs5uRMeod5IGDwcGWMeQxxpHKQ.roa
Signing time: Wed 09 Feb 2022 13:48:03 +0000
ROA not before: Wed 09 Feb 2022 13:48:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200606
IP address blocks: 194.14.135.0/24 maxlen: 24
193.235.51.0/24 maxlen: 24
192.36.31.0/24 maxlen: 24
194.71.245.0/24 maxlen: 24
194.103.43.0/24 maxlen: 24
192.165.131.0/24 maxlen: 24
193.182.110.0/24 maxlen: 24
193.234.77.0/24 maxlen: 24
192.121.226.0/24 maxlen: 24
193.234.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1123225394 (0x42f30f32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 9 13:48:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a01b39b9131ea1de48183c1c19631e431c691ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4e:75:62:77:b4:f9:bb:3a:b4:1e:1b:ef:24:
12:de:a7:10:d4:2c:1a:82:41:f0:62:31:60:88:c8:
9c:e1:55:3f:0c:db:18:1b:c1:0d:26:b7:a8:8a:e3:
82:47:c8:ee:ea:a4:cc:47:05:62:d3:5a:13:ad:99:
aa:67:f0:8b:bd:93:a1:a2:0a:8b:6c:72:b4:a4:2d:
11:8d:8c:83:d0:97:22:65:98:dd:35:6a:e8:ad:71:
53:f9:81:b0:6a:12:76:48:df:0f:be:dd:fe:61:f4:
0a:36:b8:0a:d1:7d:52:e9:a7:cd:04:b1:ae:95:bd:
72:3b:9c:a3:ae:73:ac:9f:39:d7:99:3a:bb:68:71:
46:df:0b:ed:d1:a9:3e:a2:06:33:96:fb:8f:ba:b5:
48:3e:4b:75:b5:31:02:a4:3a:e1:86:40:0c:09:7c:
1a:dd:82:d7:e8:b4:e9:c7:f8:9e:54:88:8c:9f:c6:
b9:b4:a7:de:6f:e3:a7:d7:f6:8e:ee:45:b0:e8:9d:
df:e0:e3:2a:2a:66:03:f9:1b:bf:2b:83:a9:60:20:
fb:36:ac:bd:4a:d1:f9:03:c2:61:1f:d1:79:d8:45:
3a:fa:35:7c:58:df:cb:22:ec:27:27:f3:3a:c4:9c:
b9:ba:93:5c:fc:a2:59:1d:4d:e4:40:3f:cc:22:8d:
f5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:1B:39:B9:13:1E:A1:DE:48:18:3C:1C:19:63:1E:43:1C:69:1C:A4
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/oBs5uRMeod5IGDwcGWMeQxxpHKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.31.0/24
192.121.226.0/24
192.165.131.0/24
193.182.110.0/24
193.234.76.0/23
193.235.51.0/24
194.14.135.0/24
194.71.245.0/24
194.103.43.0/24
Signature Algorithm: sha256WithRSAEncryption
35:f6:81:d5:fa:6c:39:10:59:d5:86:09:0b:8d:43:fc:71:cf:
7d:2e:b5:33:f8:79:e1:7a:2c:81:26:a4:fc:d0:73:79:5e:21:
22:76:76:fd:40:e8:da:36:ad:e9:88:f4:db:a4:c7:ec:5b:7a:
fb:4d:6a:5a:87:fc:6d:2b:0a:51:c8:1c:35:3f:1d:d5:a7:91:
14:93:04:3f:c3:ec:d1:f3:67:6b:db:e0:b6:83:ca:e8:06:ef:
e6:d3:64:49:da:50:b6:eb:fc:88:30:78:a3:8c:9c:40:34:f6:
6c:cd:8d:0a:4c:20:08:5f:82:eb:f9:05:26:5c:91:57:9f:3d:
92:fd:dc:4c:d8:ba:c9:ca:ba:d0:d5:fa:5f:40:aa:cd:33:ee:
41:bb:d2:7d:a2:63:0e:b5:d2:10:d8:07:d9:be:c8:0b:d9:09:
b8:51:df:96:fe:00:36:ba:9f:9a:f9:3e:e0:bd:6b:ce:70:91:
07:3c:80:7f:79:e5:f5:d8:42:a4:b8:55:b2:46:70:1d:2f:e0:
6c:64:dc:aa:54:20:fe:be:41:75:1e:e8:51:22:b0:a3:54:6a:
cf:7d:26:ff:ff:09:77:5e:39:f1:0d:b5:66:af:02:13:e8:fc:
67:d4:57:3b:15:2c:92:d8:56:49:5a:69:01:42:6d:66:95:b9:
c0:bb:77:74
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEQvMPMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDIw
OTEzNDgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTAxYjM5YjkxMzFl
YTFkZTQ4MTgzYzFjMTk2MzFlNDMxYzY5MWNhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdOdWJ3tPm7OrQeG+8kEt6nENQsGoJB8GIxYIjInOFVPwzb
GBvBDSa3qIrjgkfI7uqkzEcFYtNaE62Zqmfwi72ToaIKi2xytKQtEY2Mg9CXImWY
3TVq6K1xU/mBsGoSdkjfD77d/mH0Cja4CtF9UumnzQSxrpW9cjuco65zrJ8515k6
u2hxRt8L7dGpPqIGM5b7j7q1SD5LdbUxAqQ64YZADAl8Gt2C1+i06cf4nlSIjJ/G
ubSn3m/jp9f2ju5FsOid3+DjKipmA/kbvyuDqWAg+zasvUrR+QPCYR/RedhFOvo1
fFjfyyLsJyfzOsScubqTXPyiWR1N5EA/zCKN9Y8CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBSgGzm5Ex6h3kgYPBwZYx5DHGkcpDAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L29CczV1Uk1lb2Q1SUdEd2NHV01lUXh4cEhLUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAMAkHwMEAMB54gMEAMClgwMEAMG2
bgMEAcHqTAMEAMHrMwMEAMIOhwMEAMJH9QMEAMJnKzANBgkqhkiG9w0BAQsFAAOC
AQEANfaB1fpsORBZ1YYJC41D/HHPfS61M/h54XosgSak/NBzeV4hInZ2/UDo2jat
6Yj026TH7Ft6+01qWof8bSsKUcgcNT8d1aeRFJMEP8Ps0fNna9vgtoPK6Abv5tNk
SdpQtuv8iDB4o4ycQDT2bM2NCkwgCF+C6/kFJlyRV589kv3cTNi6ycq60NX6X0Cq
zTPuQbvSfaJjDrXSENgH2b7IC9kJuFHflv4ANrqfmvk+4L1rznCRBzyAf3nl9dhC
pLhVskZwHS/gbGTcqlQg/r5BdR7oUSKwo1Rqz30m//8Jd1458Q21Zq8CE+j8Z9RX
OxUskthWSVppAUJtZpW5wLt3dA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:38 2023 by rpki-client on console-ams.rpki-client.org